Linux-Noob Forums
iptables - Printable Version




iptables - Guest - 2004-10-20


How can I stop everything other than web and DNS from my computer with iptables?

I just thought I could use the following:

iptables -A OUTPUT -p tcp --sport 80 -j ACCEPT
iptables -A OUTPUT -p udp --sport 53 -j ACCEPT
iptables -P OUTPUT DROP

But with this I can't surf the web at all...

-george




iptables - z0ny - 2004-10-20


When you visit some website you open some random high port (>1023) on your side (source port) and connect to the specified port (in general 80/tcp) on the server side (destination port). Your rules only allow outgoing connections whose source port is 80 - that will never ever happen. So go and use '--dport' (destination port) instead of '--sport' (source port). :)

 

z0ny
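
The source-port versus destination-port point above, as an added example that is not part of the original thread: a small Python model of first-match evaluation on the OUTPUT chain, run over the rules from the question and the same rules with '--dport'. The packets and their ephemeral source ports (49152, 49153, 53124) are constructed for illustration, and only the OUTPUT chain is modelled.

```python
import shlex

def parse_ruleset(commands):
    """Parse the small iptables subset used in this thread (-A/-P, -p, --sport, --dport, -j)."""
    rules, policy = [], "ACCEPT"            # built-in chains start with policy ACCEPT
    for cmd in commands:
        tok = shlex.split(cmd)[1:]          # drop the leading "iptables"
        if tok[0] == "-P":                  # -P CHAIN TARGET sets the chain policy
            policy = tok[2]
            continue
        opts = dict(zip(tok[2::2], tok[3::2]))  # option/value pairs after "-A OUTPUT"
        rules.append({
            "proto": opts.get("-p"),
            "sport": int(opts["--sport"]) if "--sport" in opts else None,
            "dport": int(opts["--dport"]) if "--dport" in opts else None,
            "target": opts["-j"],
        })
    return rules, policy

def verdict(ruleset, pkt):
    """First matching rule wins; if no rule matches, the chain policy applies."""
    rules, policy = ruleset
    for r in rules:
        if all(r[k] is None or r[k] == pkt[k] for k in ("proto", "sport", "dport")):
            return r["target"]
    return policy

ORIGINAL = parse_ruleset([
    "iptables -A OUTPUT -p tcp --sport 80 -j ACCEPT",
    "iptables -A OUTPUT -p udp --sport 53 -j ACCEPT",
    "iptables -P OUTPUT DROP",
])
FIXED = parse_ruleset([
    "iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT",
    "iptables -A OUTPUT -p udp --dport 53 -j ACCEPT",
    "iptables -P OUTPUT DROP",
])

# Constructed outgoing packets: a client picks a high source port per connection.
PACKETS = {
    "http":  {"proto": "tcp", "sport": 49152, "dport": 80},
    "dns":   {"proto": "udp", "sport": 53124, "dport": 53},
    "https": {"proto": "tcp", "sport": 49153, "dport": 443},  # no rule for 443
}

def evaluate(ruleset):
    return {name: verdict(ruleset, pkt) for name, pkt in PACKETS.items()}

if __name__ == "__main__":
    print("original:", evaluate(ORIGINAL))
    print("fixed:   ", evaluate(FIXED))
```

With the '--dport' rules, HTTPS on 443/tcp still falls through to the DROP policy and would need its own rule.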